() – Hackers linked to the government of Iran have investigated and probed election-related websites in multiple U.S. swing states, in a possible effort to uncover vulnerabilities that could be used to influence the presidential election, Microsoft said in a statement. report published on Wednesday.
Officials from multiple federal agencies are closely watching the Iranians’ activity, a US official told .
The investigation of election-related websites took place in April, but was only recently discovered by Microsoft analysts. Hackers also “conducted reconnaissance from major American media outlets” in May, according to Microsoft.
U.S. intelligence agencies have assessed that Iran attempted to stoke discord during the 2024 election, partly through hacking activities targeting former President Donald Trump’s campaign and partly by encouraging protests against US policy toward Israel.
Microsoft analysts expect the Iranian hacking group to “increase its activity as the election approaches, given the group’s operational pace and its history of election interference,” the tech firm said in its Wednesday report.
It is the latest sign of efforts by multiple Iranian, Russian and Chinese groups to influence or monitor the US elections in the final stages of the presidential campaign.
There is no evidence that the Iranians’ reconnaissance and probing – which typically involves looking for vulnerabilities in websites – has escalated to hacking attempts on those websites, sources familiar with the investigation told . The activity does not threaten the integrity of voting, which has multiple safeguards and controls.
But the concern among U.S. officials and private analysts is that this could be another foreign-backed effort to amplify concerns in Americans’ minds about voting. Hackers can leak publicly available voter registration data, for example, to try to convince people that they have access to more sensitive election systems.
The news comes a day after US intelligence agencies released an assessment accusing Russian operatives of creating and disseminating viral audio content on the right. US intelligence services are also concerned that Russia and Iran could use disinformation to try to foment violence in the days and weeks between election day and the certification of the votes.
A Russian group moved from Telegram to X in September, where its doctored videos attacking Harris have gained more traction, according to Microsoft. One of those videos used AI to falsely depict Harris mocking one of Trump’s assassination attempts and received tens of thousands of views on X, according to the report.
Microsoft analysts call the hacker group that probed election-related websites Cotton Sandstorm and believe it is led by Iran’s Islamic Revolutionary Guard Corps (IRGC). The hackers have not yet launched an influence operation targeting the 2024 elections, according to Microsoft, but their track record worries US authorities.
The same Iranian group posed as the far-right Proud Boys group to try to intimidate voters in the 2020 election. In 2020, Iranian hackers also probed election-related websites in several states and, in one case, accessed electoral roll data as part of an attempt to influence and undermine the US presidential election.
Another IRGC-backed group hacked documents held by the Trump presidential campaign and leaked them to media outlets this summer.
China has not launched a concerted effort to influence the presidential election, but has targeted at least 10 congressional, state or local races with covert social media campaigns, according to U.S. intelligence agencies.
Microsoft’s new report shows evidence that Chinese operatives are attempting to aggressively denigrate Senate and House candidates with posts on X.
“I agree with the assessment that we should expect to see more from Iran, even if it is hapless and ineffective like its 2020 efforts,” Chris Krebs, who was head of the Federal Cybersecurity and Infrastructure Security Agency during the 2020s, told . 2020 elections.
“We continue to see – whether it’s the Iranians, the Russians or the Chinese – that information operations are more of a nuisance than a game-changer,” Krebs said. “But they are cheap, they are scalable and there are not many consequences.”
American voters, Krebs said, “should anticipate a noisy information environment in the coming months and not get caught up in the chaos.”
Add Comment